Documentation ¶
Index ¶
- func TestPeering(peerName string, state pbpeering.PeeringState, meta map[string]string) *pbpeering.Peering
- func TestPeeringToken(peerID string) structs.PeeringToken
- type Backend
- type Config
- type Server
- func (s *Server) Establish(ctx context.Context, req *pbpeering.EstablishRequest) (*pbpeering.EstablishResponse, error)
- func (s *Server) GenerateToken(ctx context.Context, req *pbpeering.GenerateTokenRequest) (*pbpeering.GenerateTokenResponse, error)
- func (s *Server) PeeringDelete(ctx context.Context, req *pbpeering.PeeringDeleteRequest) (*pbpeering.PeeringDeleteResponse, error)
- func (s *Server) PeeringList(ctx context.Context, req *pbpeering.PeeringListRequest) (*pbpeering.PeeringListResponse, error)
- func (s *Server) PeeringRead(ctx context.Context, req *pbpeering.PeeringReadRequest) (*pbpeering.PeeringReadResponse, error)
- func (s *Server) PeeringWrite(ctx context.Context, req *pbpeering.PeeringWriteRequest) (*pbpeering.PeeringWriteResponse, error)
- func (s *Server) Register(grpcServer *grpc.Server)
- func (s *Server) TrustBundleListByService(ctx context.Context, req *pbpeering.TrustBundleListByServiceRequest) (*pbpeering.TrustBundleListByServiceResponse, error)
- func (s *Server) TrustBundleRead(ctx context.Context, req *pbpeering.TrustBundleReadRequest) (*pbpeering.TrustBundleReadResponse, error)
- type Store
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func TestPeering ¶
func TestPeering(peerName string, state pbpeering.PeeringState, meta map[string]string) *pbpeering.Peering
TestPeering is a test utility for generating a pbpeering.Peering with valid data along with the peerName, state and index.
func TestPeeringToken ¶
func TestPeeringToken(peerID string) structs.PeeringToken
TestPeeringToken is a test utility for generating a valid peering token with the given peerID for use in test cases
Types ¶
type Backend ¶
type Backend interface { // ResolveTokenAndDefaultMeta returns an acl.Authorizer which authorizes // actions based on the permissions granted to the token. // If either entMeta or authzContext are non-nil they will be populated with the // partition and namespace from the token. ResolveTokenAndDefaultMeta(token string, entMeta *acl.EnterpriseMeta, authzCtx *acl.AuthorizerContext) (resolver.Result, error) // GetTLSMaterials returns the TLS materials for the dialer to dial the acceptor using TLS. // It returns the server name to validate, and the CA certificate to validate with. GetTLSMaterials(generatingToken bool) (string, []string, error) // GetLocalServerAddresses returns the addresses used for establishing a peering connection. // These may be server addresses or mesh gateway addresses if peering through mesh gateways. GetLocalServerAddresses() ([]string, error) // EncodeToken packages a peering token into a slice of bytes. EncodeToken(tok *structs.PeeringToken) ([]byte, error) // DecodeToken unpackages a peering token from a slice of bytes. DecodeToken([]byte) (*structs.PeeringToken, error) // GetDialAddresses returns: the addresses to cycle through when dialing a peer's servers, // an optional buffer of just gateway addresses, and an optional error. // The resulting ring buffer is front-loaded with the local mesh gateway addresses if the local // datacenter is configured to dial through mesh gateways. GetDialAddresses(logger hclog.Logger, ws memdb.WatchSet, peerID string) (*ring.Ring, *ring.Ring, error) EnterpriseCheckPartitions(partition string) error EnterpriseCheckNamespaces(namespace string) error Subscribe(req *stream.SubscribeRequest) (*stream.Subscription, error) // IsLeader indicates whether the consul server is in a leader state or not. IsLeader() bool // SetLeaderAddress is called on a raft.LeaderObservation in a go routine // in the consul server; see trackLeaderChanges() SetLeaderAddress(string) // GetLeaderAddress provides the best hint for the current address of the // leader. There is no guarantee that this is the actual address of the // leader. GetLeaderAddress() string // CheckPeeringUUID returns true if the given UUID is not associated with // an existing peering. CheckPeeringUUID(id string) (bool, error) ValidateProposedPeeringSecret(id string) (bool, error) PeeringWrite(req *pbpeering.PeeringWriteRequest) error Store() Store }
Backend defines the core integrations the Peering endpoint depends on. A functional implementation will integrate with various subcomponents of Consul such as the State store for reading and writing data, the CA machinery for providing access to CA data and the RPC system for forwarding requests to other servers.
type Config ¶
type Config struct { Backend Backend Tracker *peerstream.Tracker Logger hclog.Logger ForwardRPC func(structs.RPCInfo, func(*grpc.ClientConn) error) (bool, error) Datacenter string ConnectEnabled bool PeeringEnabled bool Locality *structs.Locality // Needed because the stateful components needed to handle blocking queries are mixed in with server goo FSMServer blockingquery.FSMServer }
type Server ¶
type Server struct {
Config
}
Server implements pbpeering.PeeringService to provide RPC operations for managing peering relationships.
func (*Server) Establish ¶
func (s *Server) Establish( ctx context.Context, req *pbpeering.EstablishRequest, ) (*pbpeering.EstablishResponse, error)
Establish implements the PeeringService RPC method to finalize peering registration. Given a valid token output from a peer's GenerateToken endpoint, a peering is registered.
func (*Server) GenerateToken ¶
func (s *Server) GenerateToken( ctx context.Context, req *pbpeering.GenerateTokenRequest, ) (*pbpeering.GenerateTokenResponse, error)
GenerateToken implements the PeeringService RPC method to generate a peering token which is the initial step in establishing a peering relationship with other Consul clusters.
func (*Server) PeeringDelete ¶
func (s *Server) PeeringDelete(ctx context.Context, req *pbpeering.PeeringDeleteRequest) (*pbpeering.PeeringDeleteResponse, error)
func (*Server) PeeringList ¶
func (s *Server) PeeringList(ctx context.Context, req *pbpeering.PeeringListRequest) (*pbpeering.PeeringListResponse, error)
PeeringList returns the list of peerings in the requested partition(s) (enterprise only). Note that for the purposes of the blocking query, changes are only observed as part of the storage Index, which does not include the hydrated state from reconcilePeering, including the Active state and the count of imported/exported services.
func (*Server) PeeringRead ¶
func (s *Server) PeeringRead(ctx context.Context, req *pbpeering.PeeringReadRequest) (*pbpeering.PeeringReadResponse, error)
PeeringRead returns the peering of the requested name and partition (enterprise only). Note that for the purposes of the blocking query, changes are only observed as part of the storage Index, which does not include the hydrated state from reconcilePeering, including the Active state and the count of imported/exported services.
func (*Server) PeeringWrite ¶
func (s *Server) PeeringWrite(ctx context.Context, req *pbpeering.PeeringWriteRequest) (*pbpeering.PeeringWriteResponse, error)
TODO(peering): As of writing, this method is only used in tests to set up Peerings in the state store. Consider removing if we can find another way to populate state store in peering_endpoint_test.go
func (*Server) TrustBundleListByService ¶
func (s *Server) TrustBundleListByService(ctx context.Context, req *pbpeering.TrustBundleListByServiceRequest) (*pbpeering.TrustBundleListByServiceResponse, error)
TODO(peering): rename rpc & request/response to drop the "service" part
func (*Server) TrustBundleRead ¶
func (s *Server) TrustBundleRead(ctx context.Context, req *pbpeering.TrustBundleReadRequest) (*pbpeering.TrustBundleReadResponse, error)
type Store ¶
type Store interface { PeeringRead(ws memdb.WatchSet, q state.Query) (uint64, *pbpeering.Peering, error) PeeringReadByID(ws memdb.WatchSet, id string) (uint64, *pbpeering.Peering, error) PeeringList(ws memdb.WatchSet, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.Peering, error) PeeringTrustBundleRead(ws memdb.WatchSet, q state.Query) (uint64, *pbpeering.PeeringTrustBundle, error) PeeringTrustBundleList(ws memdb.WatchSet, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.PeeringTrustBundle, error) TrustBundleListByService(ws memdb.WatchSet, service, dc string, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.PeeringTrustBundle, error) }
Store provides a read-only interface for querying Peering data.